From 86d9db350a511fd345046bb3ecbcc3fd82c1c441 Mon Sep 17 00:00:00 2001 From: Jean-Romain Garnier Date: Thu, 16 Apr 2020 17:16:33 +0000 Subject: [PATCH] Add option to enable the password field during account creation --- ...allow_set_password_during_user_creation.py | 20 +++++++++ preferences/models.py | 9 ++++ .../preferences/display_preferences.html | 4 ++ users/forms.py | 42 ++++++++++--------- users/views.py | 30 ++++--------- 5 files changed, 64 insertions(+), 41 deletions(-) create mode 100644 preferences/migrations/0068_optionaluser_allow_set_password_during_user_creation.py diff --git a/preferences/migrations/0068_optionaluser_allow_set_password_during_user_creation.py b/preferences/migrations/0068_optionaluser_allow_set_password_during_user_creation.py new file mode 100644 index 00000000..63d9e4c9 --- /dev/null +++ b/preferences/migrations/0068_optionaluser_allow_set_password_during_user_creation.py @@ -0,0 +1,20 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.11.28 on 2020-04-16 17:06 +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('preferences', '0067_auto_20191120_0159'), + ] + + operations = [ + migrations.AddField( + model_name='optionaluser', + name='allow_set_password_during_user_creation', + field=models.BooleanField(default=False, help_text='If True, users have the choice to receive an email containing a link to reset their password during creation, or to directly set their password in the page. If False, an email is always sent.'), + ), + ] diff --git a/preferences/models.py b/preferences/models.py index b8189384..8570e79b 100644 --- a/preferences/models.py +++ b/preferences/models.py @@ -117,6 +117,15 @@ class OptionalUser(AclMixin, PreferencesModel): " If False, only when a valid registration has been paid." ), ) + allow_set_password_during_user_creation = models.BooleanField( + default=False, + help_text=_( + "If True, users have the choice to receive an email containing" + " a link to reset their password during creation, or to directly" + " set their password in the page." + " If False, an email is always sent." + ), + ) allow_archived_connexion = models.BooleanField( default=False, help_text=_("If True, archived users are allowed to connect.") ) diff --git a/preferences/templates/preferences/display_preferences.html b/preferences/templates/preferences/display_preferences.html index 8e00962e..89858ddc 100644 --- a/preferences/templates/preferences/display_preferences.html +++ b/preferences/templates/preferences/display_preferences.html @@ -125,6 +125,10 @@ with this program; if not, write to the Free Software Foundation, Inc., {% trans "All users are active by default" %} {{ useroptions.all_users_active|tick }} + {% trans "Allow directly entering a password during account creation" %} + {{ useroptions.allow_set_password_during_user_creation|tick }} + + {% trans "Allow archived users to log in" %} {{ useroptions.allow_archived_connexion|tick }} diff --git a/users/forms.py b/users/forms.py index c5200fc2..7b133c4b 100644 --- a/users/forms.py +++ b/users/forms.py @@ -382,26 +382,27 @@ class AdherentCreationForm(AdherentForm): AdherentForm auquel on ajoute une checkbox afin d'éviter les doublons d'utilisateurs et, optionnellement, un champ mot de passe""" - # Champ pour choisir si un lien est envoyé par mail pour le mot de passe - init_password_by_mail = forms.BooleanField(required=False, initial=True) - init_password_by_mail.label = _("Send password reset link by email.") + if OptionalUser.get_cached_value("allow_set_password_during_user_creation"): + # Champ pour choisir si un lien est envoyé par mail pour le mot de passe + init_password_by_mail = forms.BooleanField(required=False, initial=True) + init_password_by_mail.label = _("Send password reset link by email.") - # Champs pour initialiser le mot de passe - # Validators are handled manually since theses fields aren't always required - password1 = forms.CharField( - required=False, - label=_("Password"), - widget=forms.PasswordInput, - # validators=[MinLengthValidator(8)], - max_length=255, - ) - password2 = forms.CharField( - required=False, - label=_("Password confirmation"), - widget=forms.PasswordInput, - # validators=[MinLengthValidator(8)], - max_length=255, - ) + # Champs pour initialiser le mot de passe + # Validators are handled manually since theses fields aren't always required + password1 = forms.CharField( + required=False, + label=_("Password"), + widget=forms.PasswordInput, + #validators=[MinLengthValidator(8)], + max_length=255, + ) + password2 = forms.CharField( + required=False, + label=_("Password confirmation"), + widget=forms.PasswordInput, + #validators=[MinLengthValidator(8)], + max_length=255, + ) # Champ permettant d'éviter au maxium les doublons d'utilisateurs former_user_check_info = _( @@ -476,7 +477,8 @@ class AdherentCreationForm(AdherentForm): # Save the provided password in hashed format user = super(AdherentForm, self).save(commit=False) - send_email = self.cleaned_data.get("init_password_by_mail") + is_set_password_allowed = OptionalUser.get_cached_value("allow_set_password_during_user_creation") + send_email = not is_set_password_allowed or self.cleaned_data.get("init_password_by_mail") if not send_email: user.set_password(self.cleaned_data["password1"]) diff --git a/users/views.py b/users/views.py index f14cb295..3f41a990 100644 --- a/users/views.py +++ b/users/views.py @@ -119,12 +119,13 @@ def new_user(request): user = AdherentCreationForm(request.POST or None, user=request.user) GTU_sum_up = GeneralOption.get_cached_value("GTU_sum_up") GTU = GeneralOption.get_cached_value("GTU") + is_set_password_allowed = OptionalUser.get_cached_value("allow_set_password_during_user_creation") if user.is_valid(): user = user.save() # Use "is False" so that if None, the email is sent - if user.should_send_password_reset_email is False: + if is_set_password_allowed and user.should_send_password_reset_email is False: messages.success( request, _("The user %s was created.") @@ -143,30 +144,17 @@ def new_user(request): # Anonymous users are allowed to create new accounts # but they should be treated differently params = { - "userform": user, - "GTU_sum_up": GTU_sum_up, - "GTU": GTU, - "showCGU": True, - "action_name": _("Commit"), - } + "userform": user, + "GTU_sum_up": GTU_sum_up, + "GTU": GTU, + "showCGU": True, + "action_name": _("Commit"), + } - if request.user.is_anonymous: + if is_set_password_allowed: params["load_js_file"] = "/static/js/toggle_password_fields.js" return form(params, "users/user.html", request) - """ - return form( - { - "userform": user, - "GTU_sum_up": GTU_sum_up, - "GTU": GTU, - "showCGU": True, - "action_name": _("Commit"), - }, - "users/user.html", - request, - ) - """ @login_required